CVE-2006-3004
Summary
| CVE | CVE-2006-3004 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-13 01:02:00 UTC |
| Updated | 2017-07-20 01:31:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Scriptsez | Ez Ringtone Manager | All | All | All | All |
| Application | Scriptsez | Ez Ringtone Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityReason - Ez Ringtone Manager from scriptez.net - XSS | SREASON | securityreason.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | Exploit |
| Secunia - Advisories - Ez Ringtone Manager Cross-Site Scripting Vulnerabilities | SECUNIA | secunia.com | Exploit |
| ScriptsEZ Ez Ringtone Manager Player.PHP Cross-Site Scripting Vulnerability | BID | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.